Computer systems are found today in virtually every walk of life for storing, maintaining, and transferring various types of data. The integrity of large portions of this data in many fields, such as finances and gaming, is vital to the health and survival of numerous commercial enterprises. As open and unsecured data communications channels for sales or gaming transactions gain popularity, such as playing a game of chance on a remote gaming terminal or making credit card transactions over the Internet, individual consumers have an increasing stake in data security. Thus, it is important that communications pass from a sender to an intended receiver without intermediate parties being able to interpret the transferred message.
Cryptography, especially public key cryptography, has proven to be an effective and convenient technique of enhancing data privacy and authentication. Data to be secured, called plaintext, is transformed into encrypted data, or ciphertext, by a predetermined encryption process of one type or another. The reverse process, transforming ciphertext into plaintext, is termed decryption. The processes of encryption and decryption are controlled by a pair of related cryptographic keys. A “public” key is used for the encryption process, and a “private” key is used to decrypt the ciphertext. The public key transforms plaintext to ciphertext, but cannot be used to decrypt the ciphertext to retrieve the plaintext therefrom.
A well-known example of public key cryptography is “RSA” encryption, which was developed by Rivest, Shamir and Adleman at MIT in the 1970s. RSA encryption capitalizes on the relative ease of creating a composite number from the product of two prime numbers whereas the attempt to factor the composite number into its constituent primes is difficult. RSA encryption may be used to exchange encrypted messages whereby two parties create a key pair, taking one key each. Each party may use its key to encrypt a message that can only be decrypted by the other party. RSA encryption may also be used to receive encrypted messages from any source whereby a first party creates a key pair. The first party makes the modulus and one key publicly known and keeps the other key secret. A second party may then use the public key to encrypt a message that can only be decrypted by the first party holding the secret key. Also, RSA encryption may be used for authentication where a first party creates a key pair and makes the modulus and one key publicly known. The other key is kept secret. The first party may then create a message and encrypt the message, or a hash of the message, with the secret key and publish the message. A message or a hash that can be decrypted by the public key is then known to come from the holder of the secret key, thereby authenticating its source. Further details regarding RSA encryption can be found at, for example, A Method for Obtaining Digital Signatures and Public-Key Cryptosystems, R. Rivest, A. Shamir, L. Adleman, Communications of the ACM, Vol. 21 (2), pp. 120-126. 1978. Of course, other forms of public key cryptography exist, and the descriptions herein are not intended to be limited only to RSA type encryptions.
Current usage of more than two keys allows multiple key holders to sign or encrypt a data packet. However, such current usage typically requires that the use of multiple keys must be performed serially. Thus, only the first key holder that signed or encrypted the data packet can be ensured that he or she is operating on the original data packet. The other key holders are required to trust all previous key holders, since they operate on data encrypted with all the previously applied keys. That is, it is possible for the first key holder to sign and forward data which the remaining key holders may not approve of or wish to sign, but the remaining key holders have no way of knowing the contents of the data they are signing once the first key holder has applied his key. It may be possible for each key holder to sign multiple copies of the data packet, whereby each key holder is the first signer on at least one copy and where all copies, when completely signed must be equivalent. However, this method is cumbersome and duplicates the amount of work necessary, as multiple copies of the original data packet must then be produced.
While existing systems and methods for providing encrypted data have been adequate in the past, improvements are usually welcomed and encouraged. In light of the foregoing, it is desirable to develop systems and methods that permit multiple parties to sign and send an encrypted data packet in a more streamlined and convenient manner.